package edu.mju.security.filter;

import edu.mju.security.utils.TokenUtils;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

/**
 * 自定义授权过滤器
 */
public class AuthenticationFilter extends BasicAuthenticationFilter {

    private TokenUtils tokenUtils;

    private RedisTemplate redisTemplate;



    public AuthenticationFilter(AuthenticationManager authenticationManager,TokenUtils tokenUtils,RedisTemplate redisTemplate) {
        super(authenticationManager);
        this.tokenUtils = tokenUtils;
        this.redisTemplate = redisTemplate;
    }

    /**
     * 获取当前权限 放入上下文 放行
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
        if (!request.getRequestURI().contains("admin")) {
            chain.doFilter(request, response);
            return;
        }
        //获取当前认证成功的用户权限信息
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = getAuthentication(request);
        //有权限信息，将权限信息放入上下文
        if(!ObjectUtils.isEmpty(usernamePasswordAuthenticationToken)){
            SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
        }
        //放行
        chain.doFilter(request,response);
    }

    /**
     * 获取当前认证成功的用户权限信息
     */
    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) {
        //从header获取token
        String token = request.getHeader("token");
        //从token获取数据
        if(!StringUtils.isEmpty(token)){
            //获取用户名
            String tokenInfo = tokenUtils.getTokenInfo(token);
            //从redis中获取权限信息
            List<String> permissionList = (List<String>) redisTemplate.opsForValue().get(tokenInfo);
            Collection<GrantedAuthority> authorityCollection = new ArrayList<>();

            if(!CollectionUtils.isEmpty(permissionList)) {
                for (String s : permissionList) {
                    SimpleGrantedAuthority authority = new SimpleGrantedAuthority(s);
                    authorityCollection.add(authority);
                }

//                return new UsernamePasswordAuthenticationToken(tokenInfo, token, authorityCollection);
            }


            if (!StringUtils.isEmpty(tokenInfo)) {
                return new UsernamePasswordAuthenticationToken(tokenInfo, token, authorityCollection);
            }
            return null;
        }
        return null;
    }
}
